The Cybersecurity and Infrastructure Protection Agency (CISA), FBI and US Treasury have issued a joint warning about North Korean hacking threats aimed at stealing cryptocurrencies.

The document cites hackers Lazarus Group, APT38, BlueNoroff and Stardust Chollima.

US authorities said they have seen attacks targeting the cryptocurrency and blockchain industries, including exchanges, DeFi protocols, venture capital funds, individual large crypto asset holders and NFTs.

Attackers often use social engineering techniques to trick victims into downloading malware and apps. With their help, hackers gain access to the victim’s device, steal keys or exploit other vulnerabilities.

The document contains a number of recommendations for cyber protection, including the use of multi-factor authentication, connecting to secure hosts only, and more.

Remember, last year North Korean hackers carried out at least seven cyberattacks on cryptocurrency platforms, during which they stole nearly $400 million worth of digital assets, according to the Chainalysis report.

The UN said the DPRK financed the development of nuclear programs through attacks on bitcoin exchanges.

The US believes Lazarus was involved in the attack on the Ronin sidechain, the largest hack in DeFi segment history.